The Changelog Backend provides a Directory Server backend implementation that exposes an LDAP change log.
This backend may be used to discover recent changes that have been made to entries in this server. The change log conforms to the Changelog Internet draft specification. Some implementations of this specification are known as Retro Change Logs.
↓Parent Component
↓Properties
↓dsconfig Usage
The Changelog Backend component inherits from the Backend
The properties supported by this managed object are as follows:
| Description | Specifies a name to identify the associated backend. The name must be unique among all backends in the server. The backend ID may not be altered after the backend is created in the server. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | A description for this Backend |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether the backend is enabled in the server. If a backend is not enabled, then its contents are not accessible when processing operations. |
| Default Value | None |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the behavior that the backend should use when processing write operations. |
| Default Value | enabled |
| Allowed Values | enabled - Allows write operations to be performed in that backend (if the requested operation is valid, the user has permission to perform the operation, the backend supports that type of write operation, and the global writability-mode property is also enabled). disabled - Causes all write attempts to fail. internal-only - Causes external write attempts to fail but allows writes by replication and internal operations. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the base DN(s) for the data that the backend handles. A single backend may be responsible for one or more base DNs. Note that no two backends may have the same base DN although one backend may have a base DN that is below a base DN provided by another backend (similar to the use of sub-suffixes in the Sun Java System Directory Server). If any of the base DNs is subordinate to a base DN for another backend, then all base DNs for that backend must be subordinate to that same base DN. |
| Default Value | None |
| Allowed Values | A valid DN. |
| Multi-Valued | Yes |
| Required | Yes |
| Admin Action Required | None. No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. |
set-degraded-alert-when-disabled
| Description | Determines whether the Directory Server enters a DEGRADED state (and sends a corresponding alert) when this Backend is disabled. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
return-unavailable-when-disabled
| Description | Determines whether any LDAP operation that would use this Backend is to return UNAVAILABLE when this Backend is disabled. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the path to the filesystem directory that is used to hold the Berkeley DB Java Edition database files containing the data for this backend. The files for this backend are stored in a sub-directory named after the backend-id. The path may be either an absolute path or a path relative to the directory containing the base of the Directory Server installation. The path may be any valid directory path in which the server has appropriate permissions to read and write files and has sufficient space to hold the database contents. |
| Default Value | db |
| Allowed Values | Unknown |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | The Directory Server must be restarted for changes to this setting to take effect. Modification requires that the Directory Server be stopped, the database directory manually relocated, and then the Directory Server restarted. While the Directory Server is stopped, the directory and files pertaining to this backend in the old database directory must be manually moved or copied to the new location. |
| Description | Specifies the period of time after which changelog entries are deleted automatically. |
| Default Value | None |
| Allowed Values | A duration. Lower limit is 1 milliseconds. |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies the percentage of JVM memory to allocate to the changelog database cache. Specifies the percentage of memory available to the JVM that should be used for caching changelog database contents. |
| Default Value | 1 |
| Allowed Values | An integer value. Lower limit is 1. Upper limit is 90 . |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies which attribute types will be included in a changelog entry for ADD and MODIFY operations. This restricts the set of attributes whose changes are recorded in the 'changes' attribute of changelog entries. By default all attribute types are included in the changes for ADD and MODIFY operations, but if this property is specified, then only attributes in this list will be included. The special values "*" and "+" can be used to specify all user attributes or all operational attributes, respectively. |
| Default Value | None |
| Allowed Values | The name or OID of an attribute to include in the changes. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies a set of attribute types that should be excluded in a changelog entry for ADD and MODIFY operations. This restricts the set of attributes whose changes are recorded in the 'changes' attribute of changelog entries. By default all attribute types are included in changelog entries for ADD and MODIFY operations, but if this property is specified, then all attributes except the ones in this list will be included. The special values "*" and "+" can be used to specify all user attributes or all operational attributes, respectively. |
| Default Value | None |
| Allowed Values | The name or OID of an attribute to exclude from the changes. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
changelog-deleted-entry-include-attribute
| Description | Specifies a set of attribute types that should be included in a changelog entry for DELETE operations. Attributes specified in this list will be recorded in the 'deletedEntryAttrs' attribute on the changelog entry when an entry is deleted. This attribute is not present by default. The special values "*" and "+" can be used to specify all user attributes or all operational attributes, respectively. |
| Default Value | None |
| Allowed Values | The name or OID of an attribute to include in the changes. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
changelog-deleted-entry-exclude-attribute
| Description | Specifies a set of attribute types that should be excluded from a changelog entry for DELETE operations. This restricts the set of attributes whose changes are recorded in the changelog on DELETE operation. Attributes specified in this list will be excluded from the 'deletedEntryAttrs' attribute on changelog entries. By default all attribute types are included in 'deletedEntryAttrs' for DELETE operations if 'use-reversible-form' is set to true. The special values "*" and "+" can be used to specify all user attributes or all operational attributes, respectively. |
| Default Value | None |
| Allowed Values | The name or OID of an attribute to exclude from the changes. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies whether values of creatorsName, ds-create-time, modifiersName and ds-update-time attributes will be written to changelog entries. Note: a virtual attribute provider can generate createTimestamp and modifyTimestamp values for returned changelog entries only if the ds-create-time and ds-update-time values were included when the entry was written. |
| Default Value | true |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Specifies whether the changelog should provide enough information to be able to revert the changes if desired. If this property is set to true, the changelog entries are affected as follows: Each changelog entry of type 'DELETE' will include the contents of the deleted entry in 'deletedEntryAttrs'. For changelog entries of type 'MODIFY', the changes will only contain DELETE of the previous values and ADD of the new values (avoiding the use of REPLACE values and omitting those values that didn't change). Note that using this setting alone will not provide you with any previous values of an attribute that did not change. To capture these values, you can use the 'changelog-include-before-after-values' property. |
| Default Value | false |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
db-directory-permissions (Advanced Property)
| Description | Specifies the permissions that should be applied to the directory containing the backend database files. They should be expressed as three-digit octal values, which is the traditional representation for UNIX file permissions. The three digits represent the permissions that are available for the directory's owner, group members, and other users (in that order), and each digit is the octal representation of the read, write, and execute bits. Note that this only impacts permissions on the database directory and not on the files written into that directory. On UNIX systems, the user's umask controls permissions given to the database files. |
| Default Value | 700 |
| Allowed Values | Any octal value between 700 and 777 (the owner must always have read, write, and execute permissions on the directory). |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
changelog-include-key-attribute (Advanced Property)
| Description | Specifies which attribute types will be included in a changelog entry on every change. This property will cause the current (after-change) value of the specified attributes to be recorded in the 'ds-changelog-entry-key-attr-values' attribute on the changelog entry. This applies for all change types. On a DELETE operation, the values are from the entry before it was deleted. The key values will be recorded on every change and are not restricted by the settings configured in 'changelog-include-attribute', 'changelog-exclude-attribute', 'changelog-deleted-entry-include-attribute', or 'changelog-deleted-entry-exclude-attribute'. |
| Default Value | There are no key attributes to include. |
| Allowed Values | The name or OID of an attribute type defined in the server schema. |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
changelog-max-before-after-values (Advanced Property)
| Description | This controls when attribute values for a modified attribute (even those values that have not changed) will be included in the changelog entry. If the number of attribute values does not exceed this limit, then all values for the modified attribute will be included in the changelog entry. Setting this property to a non-zero value will cause all of the old values and all of the new values (up to the specified maximum) for each changed attribute to be stored in the changelog entry. Note that this can be expensive for attributes with hundreds or thousands of values, such as a group entry; the number of values that are stored per attribute is capped by the value of this property. The values will be stored in the 'ds-changelog-before-values' and 'ds-changelog-after-values' attributes on the changelog entry. These attributes are not present by default. If any attributes have more than the maximum number of values, their names and number of before/after values will be stored in the 'ds-changelog-attr-exceeded-max-values-count' attribute on the changelog entry. This is a multi-valued attribute whose format is "attr=attributeName,beforeCount=100,afterCount=101", where "attributeName" is the name of the attribute and the "beforeCount" and "afterCount" are the total number of values for that attribute before and after the change, respectively. In either case (before or after the change) if the number of values is exceeding the maximum, then those values will not be stored. |
| Default Value | 0 |
| Allowed Values | An integer value. Lower limit is 0. A value of "-1" or "unlimited" for no limit. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
changelog-write-batch-size (Advanced Property)
| Description | Specifies the number of changelog entries written in a single database transaction. |
| Default Value | 100 |
| Allowed Values | An integer value. Lower limit is 1. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
changelog-purge-batch-size (Advanced Property)
| Description | Specifies the number of changelog entries purged in a single database transaction. |
| Default Value | 100 |
| Allowed Values | An integer value. Lower limit is 1. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
changelog-write-queue-capacity (Advanced Property)
| Description | Specifies the capacity of the changelog write queue in number of changes. |
| Default Value | 100 |
| Allowed Values | An integer value. Lower limit is 1. |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | The Changelog Backend must be disabled and re-enabled for changes to this setting to take effect. Modification requires that this component be disabled and then re-enabled |
je-property (Advanced Property)
| Description | Specifies the database and environment properties for the Berkeley DB Java Edition database for this changelog backend. Any Berkeley DB Java Edition property can be specified using the following form: property-name=property-value. Refer to the Directory Server documentation for further information on related properties, their implications, and range values. The definitive identification of all the property parameters is available in the example.properties file of Berkeley DB Java Edition distribution. |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | Yes |
| Required | No |
| Admin Action Required | Changes to this configuration property will only take effect if the Directory Server is restarted. |
To list the configured Backends:
dsconfig list-backends
[--property {propertyName}] ...
To view the configuration for an existing Backend:
dsconfig get-backend-prop
--backend-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Backend:
dsconfig set-backend-prop
--backend-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new Changelog Backend:
dsconfig create-backend
--backend-name {name}
--type changelog
--set enabled:{propertyValue}
--set base-dn:{propertyValue}
--set changelog-maximum-age:{propertyValue}
[--set {propertyName}:{propertyValue}] ...
To delete an existing Backend:
dsconfig delete-backend
--backend-name {name}